Acked-by: Donald Sharp <[email protected]>

On Wed, Nov 25, 2015 at 12:14 PM, Paul Jakma <[email protected]> wrote:

> * bgp_open.c: (cap_modsizes) Table of the multiple a capability's data size
>   should fall on, if applicable.
>   (bgp_capability_parse) Check the header length falls on the multiple
>   given in cap_modsizes.
>
>   Inspiration from Cumulus bgpd-capability-cleanup.patch patch, with a
>   slightly different approach.
> ---
>  bgpd/bgp_open.c | 31 +++++++++++++++++++++++++++++++
>  1 file changed, 31 insertions(+)
>
> diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
> index 4709871..6d173ed 100644
> --- a/bgpd/bgp_open.c
> +++ b/bgpd/bgp_open.c
> @@ -442,6 +442,24 @@ static const size_t cap_minsizes[] =
>    [CAPABILITY_CODE_ORF_OLD]    = sizeof (struct capability_orf_entry),
>  };
>
> +/* value the capability must be a multiple of.
> + * 0-data capabilities won't be checked against this.
> + * Other capabilities whose data doesn't fall on convenient boundaries
> for this
> + * table should be set to 1.
> + */
> +static const size_t cap_modsizes[] =
> +{
> +  [CAPABILITY_CODE_MP]          = 4,
> +  [CAPABILITY_CODE_REFRESH]     = 1,
> +  [CAPABILITY_CODE_ORF]         = 1,
> +  [CAPABILITY_CODE_RESTART]     = 1,
> +  [CAPABILITY_CODE_AS4]         = 4,
> +  [CAPABILITY_CODE_DYNAMIC]     = 1,
> +  [CAPABILITY_CODE_REFRESH_OLD] = 1,
> +  [CAPABILITY_CODE_ORF_OLD]     = 1,
> +  [CAPABILITY_CODE_SELECT_ORDER] = 2,
> +};
> +
>  /**
>   * Parse given capability.
>   * XXX: This is reading into a stream, but not using stream API
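Review bot: The new table has an entry for `CAPABILITY_CODE_SELECT_ORDER`, but the visible tail of `cap_minsizes` ends at `CAPABILITY_CODE_ORF_OLD`, so the two tables may not cover the same set of codes; the start of `cap_minsizes` is outside this hunk, so that is inferred. Since both tables are indexed by the same peer-supplied code, the comment should say they must be kept in step, for example `/* Must have a non-zero entry for every code that has one in cap_minsizes. */`. It would also help to state that codes without a designator are implicitly 0.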
> @@ -515,6 +533,19 @@ bgp_capability_parse (struct peer *peer, size_t
> length, int *mp_capability,
>                                    BGP_NOTIFY_OPEN_UNSPECIFIC);
>                    return -1;
>                  }
> +              if (caphdr.length
> +                  && caphdr.length % cap_modsizes[caphdr.code] != 0)
> +                {
> +                  zlog_info ("%s %s Capability length error: got %u,"
> +                             " expected a multiple of %u",
> +                             peer->host,
> +                             LOOKUP (capcode_str, caphdr.code),
> +                             caphdr.length,
> +                            (unsigned) cap_modsizes[caphdr.code]);
> +                  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
> +                                         BGP_NOTIFY_OPEN_UNSPECIFIC);
> +                  return -1;
> +                }
>            /* we deliberately ignore unknown codes, see below */
>            default:
>              break;
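Review bot: The modulo in `caphdr.length % cap_modsizes[caphdr.code]` divides by a table value selected by a code taken from the peer's OPEN message, and `cap_modsizes` is a sparse designated-initializer array whose unlisted slots are 0. If any case label that falls into this check has no entry in the table, the expression is a division by zero (undefined behaviour, typically SIGFPE) reachable from a remote peer; the case labels are outside the hunk, so whether every one is covered cannot be confirmed here. A cheap guard makes the check robust against the tables drifting apart: `if (caphdr.length && cap_modsizes[caphdr.code] && caphdr.length % cap_modsizes[caphdr.code] != 0)`. If a zero entry should instead be treated as a programming error, assert it at the top of the case block rather than relying on the table being complete.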
> --
> 2.5.0
>
>
>